The future of this world is cyber! Centuries of territorial wars culminated in the “War to end all wars”; and then that was not enough, there was another war after that. However, the world has moved on, and the next great war could very well take the form of cyberwarfare. A comprehensive tech plan can help fight against digital attacks.
What is Cyberwarfare?
Using technology to attack and disrupt a nation’s computers or information networks is cyberwarfare. Cyber-attacks and cyberwars can cause great damage and lead to destruction (or in certain instances, death as well).
Professor John B. Sheldon cautions that one should not confuse cyberwar “with the terrorist use of cyberspace or with cyberespionage or cybercrime”, despite all four of the activities using similar tactics.
Computers are interconnected with each other in a network called cyberspace. This network is a virtual domain of interconnected devices such as computers, servers, routers, and internet-enabled devices.
Any attack on this cyberspace is a cyber-attack. Cyberattacks are also known as digital attacks since they are launched in the digital sphere. Cyberdefense refers to counter-measures for parrying such cyberattacks.
Untangling the Web: Cyberspace and Its Many Layers
Professor Sheldon claims that there are three layers to cyberspace.
- Firstly, the physical layer. It comprises the “hardware, cables, satellites, and other equipment”.
- Secondly, the syntactic layer. It comprises the “software providing the operating instructions for the physical equipment”.
- Thirdly, the semantic layer. It comprises human interaction with the computer-generated information and interaction of the user with the information.
All three layers are vulnerable to cyber-attacks. The physical infrastructure of cyberspace can be destroyed using traditional weaponry and combat techniques. Here, the attackers access and destroy the physical assets in the infrastructure system. They physically destroy computers and tamper with their network systems. Furthermore, the attackers can also subdue or kill the physical users of such infrastructure.
For instance, attackers can tamper with network systems and disable security cameras, allowing break-ins to go undetected. An example of physical attacks is the destruction of communication networks and computer facilities during the U.S.-led operation against Iraq.
Cyberweapons such as malware and corrupted code can disrupt the syntactic layer. Malware, or malicious software, such as bombs, trojans, spyware, or worms, is adept at preventing normal computer processes. Distributed denial-of-service (DDoS) attacks are another way of transforming computers into “zombie” computers.
For example, in February 2018, a critical DDoS attack affected GitHub. Although GitHub beat the attack within 30 minutes, the traffic peaked at 1.35 TB per second, which is huge.
Cyberwar attacks such as phishing and baiting are the usual modes of destroying the semantic layer. These attacks manipulate computer-generated data to obtain valuable (and confidential) information such as financial details or passwords. Semantic attacks are most commonly used to carry out espionage and clandestine criminal activity.
To illustrate, sometime in 2010, perpetrators stole the passwords of people desirous of viewing an allegedly revealing photograph of a Bollywood entertainer.
Cyber-attacks are often intertwined across the layers and highly complex in nature. Accordingly, it may require experienced white-hat hackers to counteract the digital attacks. However, it is not always possible to respond within an optimal amount of time, and sometimes it may be too late.
Therefore, people and organizations must be prepared with a robust data protection mechanism in place. Since cyberwarfare does not adhere to territorial bounds, it is ideal to have an international law applicable to cyber operations.
Cyber Operations Under International Humanitarian Law
International Humanitarian Law or the Laws of War governs situations of armed conflict and occupation between two or more nations. Based on purely humanitarian grounds, International Humanitarian Law (IHL) seeks “to limit the effects of armed conflict”.
Most of the tenets of the IHL emanate from the four Geneva Conventions of 1949. Needless to say, the Second World War necessitated the adoption of these principles. IHL also applies, albeit in a subdued manner, to infighting or internal armed conflicts.
The United Nations Institute for Disarmament Research (UNIDIR) published an article which defined “cyberwarfare” as “warfare conducted in cyberspace through cyber means and methods”. It states that cyber operations under international humanitarian law, or jus in bello, are confined to cyberwarfare alone. IHL may not include “cyber criminality” and “cyberterrorism”.
It is difficult to apply IHL to the virtual domain since cyberspace is essentially man-made and cross-border. Since it knows no boundaries, it is difficult to locate where an attacker is operating from. Experienced attackers are adept at masking or spoofing their IP addresses, and the only way to truly combat cyber-attacks is through a dedicated taskforce.
Article 2(4) of the UN Charter cautions States against using “force against the territorial integrity or political independence of any state, or in any other manner inconsistent with the Purposes of the United Nations”. Redefining the term “force” would help to increase the ambit of the UN Charter to apply to digital attacks as well.
More recently, several States, business organizations, and private/civil-sector entities adopted the Paris Call for Trust and Security in Cyberspace. This affirmation is a positive step towards securing “an open, secure, stable, accessible and peaceful cyberspace”.
Nine Principles of the Paris Call for Trust and Security in Cyberspace
The Paris Call for Trust and Security in Cyberspace (Call) is a huge step towards creating an international law applicable to cyber operations. It is based on the bedrock of nine principles which are:
- Protect individuals and infrastructure (from malicious cyber activities).
- Protect the internet (from activity that intentionally and substantially damages the general availability or integrity of it).
- Defend electoral processes (against foreign actors’ malign interference through malicious cyber activities).
- Defend intellectual property (including trade secrets or other confidential business information).
- Non-proliferation (of malicious software and practices intended to cause harm).
- Lifecycle security (of digital processes, products, and services).
- Cyber hygiene (measures that strengthen advanced cyber hygiene for all actors).
- No private hack back (for non-state actors).
- (Promote the widespread acceptance and implementation of) international norms (of responsible behavior).
The Call envisaged following up on the progress and reconvening at the Paris Peace Forum in 2019 and the Internet Governance Forum (IGF 2019) in Berlin in 2019.
The IGF 2019 was based on the theme of “One World. One Net. One Vision” and focused on:
- Data Governance;
- Digital Inclusion; and
- Security, Safety, Stability and Resilience.
The IGF 2020 was a virtual conference focusing on ‘Data’ as one of its main themes. Its overarching theme was “Internet for human resilience and solidarity”. The COVID-19 pandemic has highlighted the importance of digital technology and with technology comes the aspect of digital security.
Ten Commandments of Ensuring Cybersecurity
While it is difficult to have a uniform international law applicable to cyber operations, there are ways to ensure cybersecurity. Sandia National Laboratories released a Programme Document where the authors discuss ten questions for improving cybersecurity. Though these ten commandments do not guarantee cyber-safety, they can help adopt a viable and effective cyber-defense mechanism.
- Firstly, ensure adequate controls (checks and measures) on physical access to critical system components and cyber nodes.
- Additionally, adopt strong passwords and change them regularly.
- Ensure minimal connectivity between business and control networks.
- Provide remote access to business networks and control networks only when absolutely necessary.
- Moreover, enable two-factor verification for remote access to critical applications.
- Furthermore, regularly review all user access privileges, and promptly revoke them from former employees.
- Constantly test and audit access control and intrusion detection mechanisms like alarms, procedures, entry systems, and firewalls.
- Additionally, update virus checkers, operating system patches, and spyware removal software to their latest versions.
- Habitually test for unauthorized physical security conditions such as unlocked doors and cyber connections.
- Finally, ensure cyber backup procedures, mutual aid agreements, priority services or supply contracts, law enforcement contacts, and emergency power or communication systems.
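The checklist items on password rotation, remote access, two-factor verification and revoking former employees' privileges can be checked together in a periodic account review. The following is an added example, not code from the Sandia document or the original article; the account fields, the 90-day rotation threshold and the sample data are assumptions constructed for illustration.

```python
from datetime import date

MAX_PASSWORD_AGE_DAYS = 90  # assumed rotation policy; the checklist gives no figure

# Constructed sample data: an account inventory and the current staff roster.
ACCOUNTS = [
    {"user": "asha", "network": "control", "remote": True, "mfa": True,
     "justification": "on-call operator", "password_set": date(2024, 5, 1)},
    {"user": "bram", "network": "business", "remote": True, "mfa": False,
     "justification": "", "password_set": date(2024, 4, 20)},
    {"user": "chen", "network": "control", "remote": True, "mfa": True,
     "justification": "", "password_set": date(2023, 11, 2)},
    {"user": "dana", "network": "business", "remote": False, "mfa": True,
     "justification": "", "password_set": date(2024, 5, 10)},
]
CURRENT_STAFF = {"asha", "bram", "chen"}  # dana has left the organization


def review_access(accounts, current_staff, today, max_age=MAX_PASSWORD_AGE_DAYS):
    """Return sorted (user, finding) pairs for accounts that break the checklist."""
    findings = []
    for acct in accounts:
        user = acct["user"]
        # Former employees: revoke outright, no further checks needed.
        if user not in current_staff:
            findings.append((user, "revoke: not on current staff roster"))
            continue
        if acct["remote"]:
            # Remote access must be protected by two-factor verification.
            if not acct["mfa"]:
                findings.append((user, "remote access without two-factor verification"))
            # Remote access to control networks only when absolutely necessary.
            if acct["network"] == "control" and not acct["justification"]:
                findings.append((user, "remote control-network access has no recorded justification"))
        # Passwords must be changed regularly.
        age = (today - acct["password_set"]).days
        if age > max_age:
            findings.append((user, f"password unchanged for {age} days"))
    return sorted(findings)


if __name__ == "__main__":
    for user, finding in review_access(ACCOUNTS, CURRENT_STAFF, date(2024, 6, 1)):
        print(f"{user}: {finding}")
```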